# This is how we tell Jupyter to use OAuth instead of the default
# authentication which is done using local Linux user accounts.
import os
origin = 'http://81.70.78.141'
codehub_origin = os.environ.get("CODEHUB_ORIGIN")
c.Spawner.args = [f'--NotebookApp.allow_origin={origin}']
c.JupyterHub.tornado_settings = {
    'headers': 
    {
        'Content-Security-Policy':"frame-ancestors " + origin + "' self'",
        'Access-Control-Allow-Origin':origin ,
        'Access-Control-Allow-Credentials': 'true',
        'Access-Control-Allow-Methods': origin ,
    },
}
c.NotebookApp.tornado_settings={
        'headers':
        {

            "Content-Security-Policy":"frame-ancestors self "+codehub_origin,
        }
}
c.JupyterHub.authenticator_class = 'dummyauthenticator.DummyAuthenticator'
c.JupyterHub.admin_users = {'zly2020'}
# we use systemdspawner 

# origin github link https://github.com/jupyterhub/systemdspawner

import systemdspawner

c.JupyterHub.spawner_class=systemdspawner.SystemdSpawner



# dynamic_users

# Allocate system users dynamically for each user.

# Uses the DynamicUser= feature of Systemd to make a new system 

# user for each hub user dynamically.Their home directories are

# set up under /var/lib/{USERNAME}, and persist over time.

# The system user is deallocated whenever the user's server is not running.

c.SystemdSpawner.dynamic_users=True



# set memory limit 

#c.SystemdSpawner.mem_limit = '3G'



# cpu limit 

# A float representing the total CPU-cores each user can use. 1 represents one full CPU,

# 4 represents 4 full CPUs, 0.5 represents half of one CPU, etc. This value is ultimately

# converted to a percentage and rounded down to the nearest integer percentage, 

# i.e. 1.5 is converted to 150%, 0.125 is converted to 12%, etc.i

# Defaults to None, which provides no CPU limits.

# This info is exposed to the single-user server as the environment variable CPU_LIMIT as a float.

#c.SystemdSpawner.cpu_limit = 2.0



# user_workingdir 

# The directory to spawn each user's notebook server in.

# This directory is what users see when they open their notebooks servers. 

# Usually this is the user's home directory.

# {USERNAME} and {USERID} in this configuration value will be expanded to

# the appropriate values for the user being spawned.

# ATTENTION!! If dynamic_users is set to be true this WON'T WORK

#c.SystemdSpawner.user_workingdir = '/usr/share/jupyter/{USERNAME}'



# disable_user_sudo

# Setting this to true prevents users from being able to use 

# sudo (or any other means) to become other users (including root). 

# This helps contain damage from a compromise of a user's credentials 

# if they also have sudo rights on the machine - a web based exploit 

# will now only be able to damage the user's own stuff, rather than have complete root access.

#c.SystemdSpawner.disable_user_sudo = True



# readonly_paths

# List of filesystem paths that should be mounted readonly for the users' notebook server. 

# This will override any filesystem permissions that might exist.

# Subpaths of paths that are mounted readonly can be marked readwrite with readwrite_paths. 

# This is useful for marking / as readonly & only whitelisting the paths where notebook users can write.

# If paths listed here do not exist, you will get an error.

# {USERNAME} and {USERID} in this configuration value will be expanded to the appropriate values for the user being spawned.

# Defaults to None which disables this feature.

#c.SystemdSpawner.readonly_paths = None



# readwrite_paths

# List of filesystem paths that should be mounted readwrite for the users' notebook server.

# This only makes sense if readonly_paths is used to 

# make some paths readonly - this can then be used to make specific paths readwrite. 

# This does not override filesystem permissions

# the user needs to have appropriate rights to write to these paths.

# {USERNAME} and {USERID} in this configuration value will be expanded to the appropriate values for the user being spawned.

#Defaults to None which disables this feature.

#c.SystemdSpawner.readwrite_paths = None

#c.SystemdSpawner.default_shell = '2'
